diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:26:58 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:26:58 +0000 |
commit | 999ae6be3243c7b4a815247199447b53c39a3d65 (patch) | |
tree | 1f35b42b5e5f462d35ba452e4dcfa188ce0543fd /regress/connect-privsep.sh | |
parent | Initial commit. (diff) | |
download | openssh-999ae6be3243c7b4a815247199447b53c39a3d65.tar.xz openssh-999ae6be3243c7b4a815247199447b53c39a3d65.zip |
Adding upstream version 1:7.9p1.upstream/1%7.9p1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'regress/connect-privsep.sh')
-rw-r--r-- | regress/connect-privsep.sh | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh new file mode 100644 index 0000000..b6abb65 --- /dev/null +++ b/regress/connect-privsep.sh @@ -0,0 +1,35 @@ +# $OpenBSD: connect-privsep.sh,v 1.9 2017/04/30 23:34:55 djm Exp $ +# Placed in the Public Domain. + +tid="proxy connect with privsep" + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig +echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy + +${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true +if [ $? -ne 0 ]; then + fail "ssh privsep+proxyconnect failed" +fi + +cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy +echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy + +${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true +if [ $? -ne 0 ]; then + # XXX replace this with fail once sandbox has stabilised + warn "ssh privsep/sandbox+proxyconnect failed" +fi + +# Because sandbox is sensitive to changes in libc, especially malloc, retest +# with every malloc.conf option (and none). +if [ -z "TEST_MALLOC_OPTIONS" ]; then + mopts="C F G J R S U X < >" +else + mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'` +fi +for m in '' $mopts ; do + env MALLOC_OPTIONS="$m" ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true + if [ $? -ne 0 ]; then + fail "ssh privsep/sandbox+proxyconnect mopt '$m' failed" + fi +done |